Quinn, S.
, Eliot, D.
, Prebil, M.
, Witte, G.
and Smith, M.
(2026),
NIST Cybersecurity Framework 2.0: Cybersecurity, Enterprise Risk Management, and Workforce Management Quick-Start Guide, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.1308, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=961795
(Accessed March 24, 2026)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
NIST Cybersecurity Framework 2.0: Cybersecurity, Enterprise Risk Management, and Workforce Management Quick-Start Guide
Published
Author(s)
, , , Greg Witte, Matthew Smith
Abstract
This Quick-Start Guide (QSG) draws on concepts and practices from enterprise risk management, cybersecurity risk management, and workforce management to help organizations improve communication about cybersecurity risks and to plan and implement workforce decisions based upon risk reality and planned risk responses. The scope of this QSG will vary depending on the user, but generally applies at the organization level, where cybersecurity risks of multiple systems are managed, and at the enterprise level, where senior leaders take on unique risk management responsibilities spanning multiple organizations. This QSG addresses the need for agile, continuous workforce adaptation to rapidly evolve for emerging threats and technologies.Citation
Special Publication (NIST SP) - 1308
Report Number
1308
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
cybersecurity, enterprise risk management, cybersecurity workforce management, risk register, CSF 2.0, Cybersecurity Framework Profile
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created March 23, 2026